rpms
/
libsrtp
7
0
Fork 0
Code Issues Pull Requests Releases Activity

RHEL 9.0.0 Alpha bootstrap 

The content of this branch was automatically imported from Fedora ELN
with the following as its source:
https://src.fedoraproject.org/rpms/libsrtp#cf7a6597d4769306a76ba11e23e3288903966e9c
This commit is contained in:
Petr Šabata 2020-10-15 17:39:49 +02:00
parent 5831dec2c6
commit 273499b97c
14 changed files with 866 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.gitignore vendored
View File

@ -0,0 +1,4 @@
/srtp-1.4.4-20101004cvs.tar.bz2
/v1.5.0.tar.gz
/v1.5.4.tar.gz
/v2.3.0.tar.gz

18
config.h Normal file
View File

@ -0,0 +1,18 @@
/* This file is here to prevent a file conflict on multiarch systems. A
* conflict will frequently occur because arch-specific build-time
* configuration options are stored (and used, so they can't just be stripped
* out) in config.h. The original config.h has been renamed.
* DO NOT INCLUDE THE NEW FILE DIRECTLY -- ALWAYS INCLUDE THIS ONE INSTEAD. */
#ifdef srtp_multilib_redirection_h
#error "Do not define srtp_multilib_redirection_h!"
#endif
#define srtp_multilib_redirection_h
#if defined(__x86_64__) || defined(__PPC64__) || (defined(__sparc__) && defined(__arch64__)) || defined(__s390x__) || defined(__aarch64__)
#include "srtp/config-64.h"
#else
#include "srtp/config-32.h"
#endif
#undef srtp_multilib_redirection_h

48
libsrtp-1.4.4-CVE20132139.patch Normal file
View File

@ -0,0 +1,48 @@
diff -up srtp/srtp/srtp.c.CVE20132139 srtp/srtp/srtp.c
--- srtp/srtp/srtp.c.CVE20132139 2013-12-30 11:47:39.477223492 -0500
+++ srtp/srtp/srtp.c 2013-12-30 11:49:44.580162545 -0500
@@ -2045,22 +2045,21 @@ crypto_policy_set_from_profile_for_rtp(c
switch(profile) {
case srtp_profile_aes128_cm_sha1_80:
crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
break;
case srtp_profile_aes128_cm_sha1_32:
- crypto_policy_set_aes_cm_128_hmac_sha1_32(policy);
+ /* We do not honor the 32-bit auth tag request since
+ * this is not compliant with RFC 3711 */
crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
break;
case srtp_profile_null_sha1_80:
crypto_policy_set_null_cipher_hmac_sha1_80(policy);
- crypto_policy_set_null_cipher_hmac_sha1_80(policy);
break;
case srtp_profile_aes256_cm_sha1_80:
crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
- crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
break;
case srtp_profile_aes256_cm_sha1_32:
- crypto_policy_set_aes_cm_256_hmac_sha1_32(policy);
+ /* We do not honor the 32-bit auth tag request since
+ * this is not compliant with RFC 3711 */
crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
break;
/* the following profiles are not (yet) supported */
@@ -2082,7 +2081,7 @@ crypto_policy_set_from_profile_for_rtcp(
crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
break;
case srtp_profile_aes128_cm_sha1_32:
- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+ crypto_policy_set_aes_cm_128_hmac_sha1_32(policy);
break;
case srtp_profile_null_sha1_80:
crypto_policy_set_null_cipher_hmac_sha1_80(policy);
@@ -2091,7 +2090,7 @@ crypto_policy_set_from_profile_for_rtcp(
crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
break;
case srtp_profile_aes256_cm_sha1_32:
- crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
+ crypto_policy_set_aes_cm_256_hmac_sha1_32(policy);
break;
/* the following profiles are not (yet) supported */
case srtp_profile_null_sha1_32:

75
libsrtp-1.4.4-shared.patch Normal file
View File

@ -0,0 +1,75 @@
diff -up srtp/Makefile.in.shared srtp/Makefile.in
--- srtp/Makefile.in.shared 2010-05-21 13:45:35.000000000 -0400
+++ srtp/Makefile.in 2010-10-04 15:53:29.132116130 -0400
@@ -8,7 +8,7 @@
# runtest runs test applications
# test builds test applications
# libcrypt.a static library implementing crypto engine
-# libsrtp.a static library implementing srtp
+# libsrtp.so shared library implementing srtp
# clean removes objects, libs, and executables
# distribution cleans and builds a .tgz
# tags builds etags file from all .c and .h files
@@ -97,13 +97,13 @@ kernel = crypto/kernel/crypto_kernel.o
cryptobj = $(ciphers) $(hashes) $(math) $(stat) $(kernel) $(replay)
-# libsrtp.a (implements srtp processing)
+# libsrtp (implements srtp processing)
srtpobj = srtp/srtp.o srtp/ekt.o
-libsrtp.a: $(srtpobj) $(cryptobj) $(gdoi)
- ar cr libsrtp.a $^
- $(RANLIB) libsrtp.a
+libsrtp.so: $(srtpobj) $(cryptobj) $(gdoi)
+ $(COMPILE) -shared -pthread -lm -Wl,--no-undefined -Wl,-soname,$@.0 -z noexecstack -o $@.0.0.0 $^
+ ln -s $@.0.0.0 $@
# libcryptomath.a contains general-purpose routines that are used to
# generate tables and verify cryptoalgorithm implementations - this
@@ -127,19 +127,19 @@ testapp = $(crypto_testapp) test/srtp_dr
test/roc_driver$(EXE) test/rdbx_driver$(EXE) test/rtpw$(EXE) \
test/dtls_srtp_driver$(EXE)
-$(testapp): libsrtp.a
+$(testapp): libsrtp.so
test/rtpw$(EXE): test/rtpw.c test/rtp.c test/getopt_s.c
- $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
+ $(COMPILE) $(LDFLAGS) -o $@ test/rtpw.c test/rtp.c test/getopt_s.c $(LIBS) $(SRTPLIB)
test/srtp_driver$(EXE): test/srtp_driver.c test/getopt_s.c
- $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
+ $(COMPILE) $(LDFLAGS) -o $@ test/srtp_driver.c test/getopt_s.c $(LIBS) $(SRTPLIB)
test/rdbx_driver$(EXE): test/rdbx_driver.c test/getopt_s.c
- $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
+ $(COMPILE) $(LDFLAGS) -o $@ test/rdbx_driver.c test/getopt_s.c $(LIBS) $(SRTPLIB)
test/dtls_srtp_driver$(EXE): test/dtls_srtp_driver.c test/getopt_s.c
- $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
+ $(COMPILE) $(LDFLAGS) -o $@ test/dtls_srtp_driver.c test/getopt_s.c $(LIBS) $(SRTPLIB)
test: $(testapp)
@echo "Build done. Please run '$(MAKE) runtest' to run self tests."
@@ -197,16 +197,16 @@ install:
cp $(srcdir)/include/*.h $(DESTDIR)$(includedir)/srtp
cp $(srcdir)/crypto/include/*.h $(DESTDIR)$(includedir)/srtp
if [ "$(srcdir)" != "." ]; then cp crypto/include/*.h $(DESTDIR)$(includedir)/srtp; fi
- if [ -f libsrtp.a ]; then cp libsrtp.a $(DESTDIR)$(libdir)/; fi
+ if [ -f libsrtp.so.0.0.0 ]; then cp libsrtp.so.0.0.0 $(DESTDIR)$(libdir)/; fi
uninstall:
rm -f $(DESTDIR)$(includedir)/srtp/*.h
- rm -f $(DESTDIR)$(libdir)/libsrtp.a
+ rm -f $(DESTDIR)$(libdir)/libsrtp.so*
-rmdir $(DESTDIR)$(includedir)/srtp
clean:
rm -rf $(cryptobj) $(srtpobj) $(cryptomath) TAGS \
- libcryptomath.a libsrtp.a core *.core test/core
+ libcryptomath.a libsrtp.so* core *.core test/core
for a in * */* */*/*; do \
if [ -f "$$a~" ] ; then rm -f $$a~; fi; \
done;

77
libsrtp-1.5.0-shared.patch Normal file
View File

@ -0,0 +1,77 @@
diff -up libsrtp-1.5.0/Makefile.in.shared libsrtp-1.5.0/Makefile.in
--- libsrtp-1.5.0/Makefile.in.shared 2014-10-13 10:35:33.000000000 -0400
+++ libsrtp-1.5.0/Makefile.in 2014-11-14 10:14:01.604954699 -0500
@@ -113,17 +113,13 @@ kernel = crypto/kernel/crypto_kernel.o
cryptobj = $(ciphers) $(hashes) $(math) $(stat) $(kernel) $(replay)
-# libsrtp.a (implements srtp processing)
+# libsrtp (implements srtp processing)
srtpobj = srtp/srtp.o srtp/ekt.o
-libsrtp.a: $(srtpobj) $(cryptobj) $(gdoi)
- ar cr libsrtp.a $^
- $(RANLIB) libsrtp.a
-
-libsrtp.so: $(srtpobj) $(cryptobj) $(gdoi)
- $(CC) -shared -Wl,-soname,libsrtp.so \
- -o libsrtp.so $^ $(LDFLAGS)
+libsrtp.so: $(srtpobj) $(cryptobj) $(gdoi)
+ $(COMPILE) -shared -pthread -lm -Wl,--no-undefined -Wl,-soname,$@.1 -z noexecstack -o $@.1.0.0 $^
+ ln -s $@.1.0.0 $@
# libcryptomath.a contains general-purpose routines that are used to
# generate tables and verify cryptoalgorithm implementations - this
@@ -150,19 +146,19 @@ testapp = $(crypto_testapp) test/srtp_dr
test/roc_driver$(EXE) test/rdbx_driver$(EXE) test/rtpw$(EXE) \
test/dtls_srtp_driver$(EXE)
-$(testapp): libsrtp.a
+$(testapp): libsrtp.so
test/rtpw$(EXE): test/rtpw.c test/rtp.c test/getopt_s.c
- $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
+ $(COMPILE) $(LDFLAGS) -o $@ test/rtpw.c test/rtp.c test/getopt_s.c $(LIBS) $(SRTPLIB)
test/srtp_driver$(EXE): test/srtp_driver.c test/getopt_s.c
- $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
+ $(COMPILE) $(LDFLAGS) -o $@ test/srtp_driver.c test/getopt_s.c $(LIBS) $(SRTPLIB)
test/rdbx_driver$(EXE): test/rdbx_driver.c test/getopt_s.c
- $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
+ $(COMPILE) $(LDFLAGS) -o $@ test/rdbx_driver.c test/getopt_s.c $(LIBS) $(SRTPLIB)
test/dtls_srtp_driver$(EXE): test/dtls_srtp_driver.c test/getopt_s.c
- $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
+ $(COMPILE) $(LDFLAGS) -o $@ test/dtls_srtp_driver.c test/getopt_s.c $(LIBS) $(SRTPLIB)
test: $(testapp)
@echo "Build done. Please run '$(MAKE) runtest' to run self tests."
@@ -220,7 +216,7 @@ install:
cp $(srcdir)/include/*.h $(DESTDIR)$(includedir)/srtp
cp $(srcdir)/crypto/include/*.h $(DESTDIR)$(includedir)/srtp
if [ "$(srcdir)" != "." ]; then cp crypto/include/*.h $(DESTDIR)$(includedir)/srtp; fi
- if [ -f libsrtp.a ]; then cp libsrtp.a $(DESTDIR)$(libdir)/; fi
+ if [ -f libsrtp.so.0.0.0 ]; then cp libsrtp.so.0.0.0 $(DESTDIR)$(libdir)/; fi
if [ -f libsrtp.so ]; then cp libsrtp.so $(DESTDIR)$(libdir)/; fi
if [ "$(pkgconfig_DATA)" != "" ]; then \
$(INSTALL) -d $(DESTDIR)$(pkgconfigdir); \
@@ -229,7 +225,7 @@ install:
uninstall:
rm -f $(DESTDIR)$(includedir)/srtp/*.h
- rm -f $(DESTDIR)$(libdir)/libsrtp.a
+ rm -f $(DESTDIR)$(libdir)/libsrtp.so*
rm -f $(DESTDIR)$(libdir)/libsrtp.so
-rmdir $(DESTDIR)$(includedir)/srtp
if [ "$(pkgconfig_DATA)" != "" ]; then \
@@ -238,7 +234,7 @@ uninstall:
clean:
rm -rf $(cryptobj) $(srtpobj) $(cryptomath) TAGS \
- libcryptomath.a libsrtp.a libsrtp.so core *.core test/core
+ libcryptomath.a libsrtp.so* core *.core test/core
for a in * */* */*/*; do \
if [ -f "$$a~" ] ; then rm -f $$a~; fi; \
done;

36
libsrtp-1.5.4-shared-fix.patch Normal file
View File

@ -0,0 +1,36 @@
diff -up libsrtp-1.5.4/Makefile.in.sharedfix libsrtp-1.5.4/Makefile.in
--- libsrtp-1.5.4/Makefile.in.sharedfix 2016-02-02 14:56:49.000000000 -0500
+++ libsrtp-1.5.4/Makefile.in 2016-02-12 09:38:18.228208296 -0500
@@ -84,12 +84,14 @@ pkgconfigdir = $(libdir)/pkgconfig
pkgconfig_DATA = libsrtp.pc
endif
-SHAREDLIBVERSION = 1
+SHAREDLIBMINIVER = 1
+SHAREDLIBVERSION = $(SHAREDLIBMINIVER).0.0
ifeq (linux,$(findstring linux,@host@))
SHAREDLIB_DIR = $(libdir)
-SHAREDLIB_LDFLAGS = -shared -Wl,-soname,$@
SHAREDLIBSUFFIXNOVER = so
SHAREDLIBSUFFIX = $(SHAREDLIBSUFFIXNOVER).$(SHAREDLIBVERSION)
+SHAREDLIBMINISUFFIX = $(SHAREDLIBSUFFIXNOVER).$(SHAREDLIBMINIVER)
+SHAREDLIB_LDFLAGS = -shared -Wl,-soname,libsrtp.$(SHAREDLIBMINISUFFIX)
else ifeq (mingw,$(findstring mingw,@host@))
SHAREDLIB_DIR = $(bindir)
SHAREDLIB_LDFLAGS = -shared -Wl,--out-implib,libsrtp.dll.a
@@ -148,6 +150,7 @@ libsrtp.$(SHAREDLIBSUFFIX): $(srtpobj) $
$(CC) -shared -o $@ $(SHAREDLIB_LDFLAGS) \
$^ $(LDFLAGS) $(LIBS)
if [ -n "$(SHAREDLIBVERSION)" ]; then \
+ ln -sfn $@ libsrtp.$(SHAREDLIBMINISUFFIX); \
ln -sfn $@ libsrtp.$(SHAREDLIBSUFFIXNOVER); \
fi
@@ -274,6 +277,7 @@ install:
$(INSTALL) -d $(DESTDIR)$(SHAREDLIB_DIR); \
cp libsrtp.$(SHAREDLIBSUFFIX) $(DESTDIR)$(SHAREDLIB_DIR)/; \
ln -sfn libsrtp.$(SHAREDLIBSUFFIX) $(DESTDIR)$(SHAREDLIB_DIR)/libsrtp.$(SHAREDLIBSUFFIXNOVER); \
+ ln -sfn libsrtp.$(SHAREDLIBSUFFIX) $(DESTDIR)$(SHAREDLIB_DIR)/libsrtp.$(SHAREDLIBMINISUFFIX); \
fi
if [ "$(pkgconfig_DATA)" != "" ]; then \
$(INSTALL) -d $(DESTDIR)$(pkgconfigdir); \

36
libsrtp-2.3.0-shared-fix.patch Normal file
View File

@ -0,0 +1,36 @@
diff -up libsrtp-2.3.0/Makefile.in.sharedfix libsrtp-2.3.0/Makefile.in
--- libsrtp-2.3.0/Makefile.in.sharedfix 2020-01-07 09:48:36.004217062 -0500
+++ libsrtp-2.3.0/Makefile.in 2020-01-07 09:53:08.117725096 -0500
@@ -106,12 +106,14 @@ bindir = @bindir@
pkgconfigdir = $(libdir)/pkgconfig
pkgconfig_DATA = libsrtp2.pc
-SHAREDLIBVERSION = 1
+SHAREDLIBMINIVER = 1
+SHAREDLIBVERSION = $(SHAREDLIBMINIVER).0.0
ifneq (,$(or $(findstring linux,@host@), $(findstring gnu,@host@)))
SHAREDLIB_DIR = $(libdir)
-SHAREDLIB_LDFLAGS = -shared -Wl,-soname,$@
SHAREDLIBSUFFIXNOVER = so
+SHAREDLIBMINISUFFIX = $(SHAREDLIBSUFFIXNOVER).$(SHAREDLIBMINIVER)
SHAREDLIBSUFFIX = $(SHAREDLIBSUFFIXNOVER).$(SHAREDLIBVERSION)
+SHAREDLIB_LDFLAGS = -shared -Wl,-soname,libsrtp2.$(SHAREDLIBMINISUFFIX)
else ifneq (,$(or $(findstring cygwin,@host@), $(findstring mingw,@host@)))
SHAREDLIB_DIR = $(bindir)
SHAREDLIB_LDFLAGS = -shared -Wl,--out-implib,libsrtp2.dll.a
@@ -166,6 +168,7 @@ libsrtp2.$(SHAREDLIBSUFFIX): $(srtpobj)
$(CC) -shared -o $@ $(SHAREDLIB_LDFLAGS) \
$^ $(LDFLAGS) $(LIBS)
if [ -n "$(SHAREDLIBVERSION)" ]; then \
+ ln -sfn $@ libsrtp2.$(SHAREDLIBMINISUFFIX); \
ln -sfn $@ libsrtp2.$(SHAREDLIBSUFFIXNOVER); \
fi
@@ -288,6 +291,7 @@ install:
cp libsrtp2.$(SHAREDLIBSUFFIXNOVER) $(DESTDIR)$(SHAREDLIB_DIR)/; \
if [ -n "$(SHAREDLIBVERSION)" ]; then \
ln -sfn libsrtp2.$(SHAREDLIBSUFFIX) $(DESTDIR)$(SHAREDLIB_DIR)/libsrtp2.$(SHAREDLIBSUFFIXNOVER); \
+ ln -sfn libsrtp2.$(SHAREDLIBSUFFIX) $(DESTDIR)$(SHAREDLIB_DIR)/libsrtp2.$(SHAREDLIBMINISUFFIX); \
fi; \
fi
$(INSTALL) -d $(DESTDIR)$(pkgconfigdir)

13
libsrtp-2.3.0-shared-test-fix.patch Normal file
View File

@ -0,0 +1,13 @@
diff -up libsrtp-2.3.0/Makefile.in.test-shared libsrtp-2.3.0/Makefile.in
--- libsrtp-2.3.0/Makefile.in.test-shared 2020-10-12 16:00:39.065842309 -0400
+++ libsrtp-2.3.0/Makefile.in 2020-10-12 16:01:11.244097667 -0400
@@ -196,7 +196,7 @@ ifeq (1, $(HAVE_PCAP))
testapp += test/rtp_decoder$(EXE)
endif
-$(testapp): libsrtp2.a
+$(testapp): libsrtp2.$(SHAREDLIBSUFFIX)
test/rtpw$(EXE): test/rtpw.c test/rtp.c test/util.c test/getopt_s.c \
crypto/math/datatypes.c
diff -up libsrtp-2.3.0/Makefile.test-shared libsrtp-2.3.0/Makefile

12
libsrtp-2.3.0-test-util.patch Normal file
View File

@ -0,0 +1,12 @@
diff -r -u libsrtp-2.3.0.orig/test/util.c libsrtp-2.3.0/test/util.c
--- libsrtp-2.3.0.orig/test/util.c 2019-12-23 10:58:25.000000000 +0100
+++ libsrtp-2.3.0/test/util.c 2020-10-09 11:56:31.455502870 +0200
@@ -49,7 +49,7 @@
#include <stdint.h>
/* include space for null terminator */
-char bit_string[MAX_PRINT_STRING_LEN + 1];
+static char bit_string[MAX_PRINT_STRING_LEN + 1];
static inline int hex_char_to_nibble(uint8_t c)
{

55
libsrtp-fix-name-collision-on-MIPS.patch Normal file
View File

@ -0,0 +1,55 @@
diff -urp libsrtp-1.5.0/test/srtp_driver.c l/test/srtp_driver.c
--- libsrtp-1.5.0/test/srtp_driver.c 2014-10-13 16:35:33.000000000 +0200
+++ libsrtp-1.5.4/test/srtp_driver.c 2015-09-18 06:41:50.740727805 +0200
@@ -341,7 +341,7 @@ main (int argc, char *argv[]) {
if (do_codec_timing) {
srtp_policy_t policy;
int ignore;
- double mips = mips_estimate(1000000000, &ignore);
+ double mips_est = mips_estimate(1000000000, &ignore);
crypto_policy_set_rtp_default(&policy.rtp);
crypto_policy_set_rtcp_default(&policy.rtcp);
@@ -353,33 +353,33 @@ main (int argc, char *argv[]) {
policy.allow_repeat_tx = 0;
policy.next = NULL;
- printf("mips estimate: %e\n", mips);
+ printf("mips estimate: %e\n", mips_est);
printf("testing srtp processing time for voice codecs:\n");
printf("codec\t\tlength (octets)\t\tsrtp instructions/second\n");
printf("G.711\t\t%d\t\t\t%e\n", 80,
- (double) mips * (80 * 8) /
+ (double) mips_est * (80 * 8) /
srtp_bits_per_second(80, &policy) / .01 );
printf("G.711\t\t%d\t\t\t%e\n", 160,
- (double) mips * (160 * 8) /
+ (double) mips_est * (160 * 8) /
srtp_bits_per_second(160, &policy) / .02);
printf("G.726-32\t%d\t\t\t%e\n", 40,
- (double) mips * (40 * 8) /
+ (double) mips_est * (40 * 8) /
srtp_bits_per_second(40, &policy) / .01 );
printf("G.726-32\t%d\t\t\t%e\n", 80,
- (double) mips * (80 * 8) /
+ (double) mips_est * (80 * 8) /
srtp_bits_per_second(80, &policy) / .02);
printf("G.729\t\t%d\t\t\t%e\n", 10,
- (double) mips * (10 * 8) /
+ (double) mips_est * (10 * 8) /
srtp_bits_per_second(10, &policy) / .01 );
printf("G.729\t\t%d\t\t\t%e\n", 20,
- (double) mips * (20 * 8) /
+ (double) mips_est * (20 * 8) /
srtp_bits_per_second(20, &policy) / .02 );
printf("Wideband\t%d\t\t\t%e\n", 320,
- (double) mips * (320 * 8) /
+ (double) mips_est * (320 * 8) /
srtp_bits_per_second(320, &policy) / .01 );
printf("Wideband\t%d\t\t\t%e\n", 640,
- (double) mips * (640 * 8) /
+ (double) mips_est * (640 * 8) /
srtp_bits_per_second(640, &policy) / .02 );
}

174
libsrtp-sha1-name-fix.patch Normal file
View File

@ -0,0 +1,174 @@
diff -rup libsrtp-1.5.0/crypto/hash/hmac.c libsrtp-1.5.0/crypto/hash/hmac.c
--- libsrtp-1.5.0/crypto/hash/hmac.c 2014-10-13 10:35:33.000000000 -0400
+++ libsrtp-1.5.0/crypto/hash/hmac.c 2014-10-31 09:15:20.666474444 -0400
@@ -141,10 +141,10 @@ hmac_init(hmac_ctx_t *state, const uint8
debug_print(mod_hmac, "ipad: %s", octet_string_hex_string(ipad, 64));
/* initialize sha1 context */
- sha1_init(&state->init_ctx);
+ crypto_sha1_init(&state->init_ctx);
/* hash ipad ^ key */
- sha1_update(&state->init_ctx, ipad, 64);
+ crypto_sha1_update(&state->init_ctx, ipad, 64);
memcpy(&state->ctx, &state->init_ctx, sizeof(sha1_ctx_t));
return err_status_ok;
@@ -165,7 +165,7 @@ hmac_update(hmac_ctx_t *state, const uin
octet_string_hex_string(message, msg_octets));
/* hash message into sha1 context */
- sha1_update(&state->ctx, message, msg_octets);
+ crypto_sha1_update(&state->ctx, message, msg_octets);
return err_status_ok;
}
@@ -183,7 +183,7 @@ hmac_compute(hmac_ctx_t *state, const vo
/* hash message, copy output into H */
hmac_update(state, (const uint8_t*)message, msg_octets);
- sha1_final(&state->ctx, H);
+ crypto_sha1_final(&state->ctx, H);
/*
* note that we don't need to debug_print() the input, since the
@@ -193,16 +193,16 @@ hmac_compute(hmac_ctx_t *state, const vo
octet_string_hex_string((uint8_t *)H, 20));
/* re-initialize hash context */
- sha1_init(&state->ctx);
+ crypto_sha1_init(&state->ctx);
/* hash opad ^ key */
- sha1_update(&state->ctx, (uint8_t *)state->opad, 64);
+ crypto_sha1_update(&state->ctx, (uint8_t *)state->opad, 64);
/* hash the result of the inner hash */
- sha1_update(&state->ctx, (uint8_t *)H, 20);
+ crypto_sha1_update(&state->ctx, (uint8_t *)H, 20);
/* the result is returned in the array hash_value[] */
- sha1_final(&state->ctx, hash_value);
+ crypto_sha1_final(&state->ctx, hash_value);
/* copy hash_value to *result */
for (i=0; i < tag_len; i++)
diff -rup libsrtp-1.5.0/crypto/hash/sha1.c libsrtp-1.5.0/crypto/hash/sha1.c
--- libsrtp-1.5.0/crypto/hash/sha1.c 2014-10-13 10:35:33.000000000 -0400
+++ libsrtp-1.5.0/crypto/hash/sha1.c 2014-10-31 09:15:20.667474449 -0400
@@ -77,12 +77,12 @@ uint32_t SHA_K2 = 0x8F1BBCDC; /* Kt fo
uint32_t SHA_K3 = 0xCA62C1D6; /* Kt for 60 <= t <= 79 */
void
-sha1(const uint8_t *msg, int octets_in_msg, uint32_t hash_value[5]) {
+crypto_sha1(const uint8_t *msg, int octets_in_msg, uint32_t hash_value[5]) {
sha1_ctx_t ctx;
- sha1_init(&ctx);
- sha1_update(&ctx, msg, octets_in_msg);
- sha1_final(&ctx, hash_value);
+ crypto_sha1_init(&ctx);
+ crypto_sha1_update(&ctx, msg, octets_in_msg);
+ crypto_sha1_final(&ctx, hash_value);
}
@@ -99,7 +99,7 @@ sha1(const uint8_t *msg, int octets_in_
*/
void
-sha1_core(const uint32_t M[16], uint32_t hash_value[5]) {
+crypto_sha1_core(const uint32_t M[16], uint32_t hash_value[5]) {
uint32_t H0;
uint32_t H1;
uint32_t H2;
@@ -186,7 +186,7 @@ sha1_core(const uint32_t M[16], uint32_t
}
void
-sha1_init(sha1_ctx_t *ctx) {
+crypto_sha1_init(sha1_ctx_t *ctx) {
/* initialize state vector */
ctx->H[0] = 0x67452301;
@@ -204,7 +204,7 @@ sha1_init(sha1_ctx_t *ctx) {
}
void
-sha1_update(sha1_ctx_t *ctx, const uint8_t *msg, int octets_in_msg) {
+crypto_sha1_update(sha1_ctx_t *ctx, const uint8_t *msg, int octets_in_msg) {
int i;
uint8_t *buf = (uint8_t *)ctx->M;
@@ -229,7 +229,7 @@ sha1_update(sha1_ctx_t *ctx, const uint8
debug_print(mod_sha1, "(update) running sha1_core()", NULL);
- sha1_core(ctx->M, ctx->H);
+ crypto_sha1_core(ctx->M, ctx->H);
} else {
@@ -252,7 +252,7 @@ sha1_update(sha1_ctx_t *ctx, const uint8
*/
void
-sha1_final(sha1_ctx_t *ctx, uint32_t *output) {
+crypto_sha1_final(sha1_ctx_t *ctx, uint32_t *output) {
uint32_t A, B, C, D, E, TEMP;
uint32_t W[80];
int i, t;
diff -rup libsrtp-1.5.0/crypto/include/sha1.h libsrtp-1.5.0/crypto/include/sha1.h
--- libsrtp-1.5.0/crypto/include/sha1.h 2014-10-13 10:35:33.000000000 -0400
+++ libsrtp-1.5.0/crypto/include/sha1.h 2014-10-31 09:16:10.367733196 -0400
@@ -103,7 +103,7 @@ typedef struct {
*/
void
-sha1(const uint8_t *message, int octets_in_msg, uint32_t output[5]);
+crypto_sha1(const uint8_t *message, int octets_in_msg, uint32_t output[5]);
/*
* sha1_init(&ctx) initializes the SHA1 context ctx
@@ -117,13 +117,13 @@ sha1(const uint8_t *message, int octets
*/
void
-sha1_init(sha1_ctx_t *ctx);
+crypto_sha1_init(sha1_ctx_t *ctx);
void
-sha1_update(sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg);
+crypto_sha1_update(sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg);
void
-sha1_final(sha1_ctx_t *ctx, uint32_t output[5]);
+crypto_sha1_final(sha1_ctx_t *ctx, uint32_t output[5]);
/*
* The sha1_core function is INTERNAL to SHA-1, but it is declared
@@ -141,7 +141,7 @@ sha1_final(sha1_ctx_t *ctx, uint32_t out
*/
void
-sha1_core(const uint32_t M[16], uint32_t hash_value[5]);
+crypto_sha1_core(const uint32_t M[16], uint32_t hash_value[5]);
#endif /* else OPENSSL */
diff -rup libsrtp-1.5.0/crypto/test/sha1_driver.c libsrtp-1.5.0/crypto/test/sha1_driver.c
--- libsrtp-1.5.0/crypto/test/sha1_driver.c 2014-10-13 10:35:33.000000000 -0400
+++ libsrtp-1.5.0/crypto/test/sha1_driver.c 2014-10-31 09:15:20.668474454 -0400
@@ -113,9 +113,9 @@ sha1_test_case_validate(const hash_test_
if (test_case->data_len > MAX_HASH_DATA_LEN)
return err_status_bad_param;
- sha1_init(&ctx);
- sha1_update(&ctx, test_case->data, test_case->data_len);
- sha1_final(&ctx, hash_value);
+ crypto_sha1_init(&ctx);
+ crypto_sha1_update(&ctx, test_case->data, test_case->data_len);
+ crypto_sha1_final(&ctx, hash_value);
if (0 == memcmp(test_case->hash, hash_value, 20)) {
#if VERBOSE
printf("PASSED: reference value: %s\n",

129
libsrtp-srtp_aes_encrypt.patch Normal file
View File

@ -0,0 +1,129 @@
diff -rup a/crypto/cipher/aes.c b/crypto/cipher/aes.c
--- a/crypto/cipher/aes.c 2014-10-13 10:35:33.000000000 -0400
+++ b/crypto/cipher/aes.c 2014-10-31 09:25:20.603597823 -0400
@@ -2002,7 +2002,7 @@ aes_inv_final_round(v128_t *state, const
void
-aes_encrypt(v128_t *plaintext, const aes_expanded_key_t *exp_key) {
+srtp_aes_encrypt(v128_t *plaintext, const aes_expanded_key_t *exp_key) {
/* add in the subkey */
v128_xor_eq(plaintext, &exp_key->round[0]);
diff -rup a/crypto/cipher/aes_cbc.c b/crypto/cipher/aes_cbc.c
--- a/crypto/cipher/aes_cbc.c 2014-10-13 10:35:33.000000000 -0400
+++ b/crypto/cipher/aes_cbc.c 2014-10-31 09:25:20.604597828 -0400
@@ -192,7 +192,7 @@ aes_cbc_encrypt(aes_cbc_ctx_t *c,
debug_print(mod_aes_cbc, "inblock: %s",
v128_hex_string(&c->state));
- aes_encrypt(&c->state, &c->expanded_key);
+ srtp_aes_encrypt(&c->state, &c->expanded_key);
debug_print(mod_aes_cbc, "outblock: %s",
v128_hex_string(&c->state));
diff -rup a/crypto/cipher/aes_icm.c b/crypto/cipher/aes_icm.c
--- a/crypto/cipher/aes_icm.c 2014-10-13 10:35:33.000000000 -0400
+++ b/crypto/cipher/aes_icm.c 2014-10-31 09:25:20.604597828 -0400
@@ -260,7 +260,7 @@ aes_icm_set_octet(aes_icm_ctx_t *c,
/* fill keystream buffer, if needed */
if (tail_num) {
v128_copy(&c->keystream_buffer, &c->counter);
- aes_encrypt(&c->keystream_buffer, &c->expanded_key);
+ srtp_aes_encrypt(&c->keystream_buffer, &c->expanded_key);
c->bytes_in_buffer = sizeof(v128_t);
debug_print(mod_aes_icm, "counter: %s",
@@ -316,7 +316,7 @@ static inline void
aes_icm_advance_ismacryp(aes_icm_ctx_t *c, uint8_t forIsmacryp) {
/* fill buffer with new keystream */
v128_copy(&c->keystream_buffer, &c->counter);
- aes_encrypt(&c->keystream_buffer, &c->expanded_key);
+ srtp_aes_encrypt(&c->keystream_buffer, &c->expanded_key);
c->bytes_in_buffer = sizeof(v128_t);
debug_print(mod_aes_icm, "counter: %s",
diff -rup a/crypto/include/aes.h b/crypto/include/aes.h
--- a/crypto/include/aes.h 2014-10-13 10:35:33.000000000 -0400
+++ b/crypto/include/aes.h 2014-10-31 09:25:20.604597828 -0400
@@ -68,7 +68,7 @@ aes_expand_decryption_key(const uint8_t
aes_expanded_key_t *expanded_key);
void
-aes_encrypt(v128_t *plaintext, const aes_expanded_key_t *exp_key);
+srtp_aes_encrypt(v128_t *plaintext, const aes_expanded_key_t *exp_key);
void
aes_decrypt(v128_t *plaintext, const aes_expanded_key_t *exp_key);
diff -rup a/crypto/rng/prng.c b/crypto/rng/prng.c
--- a/crypto/rng/prng.c 2014-10-13 10:35:33.000000000 -0400
+++ b/crypto/rng/prng.c 2014-10-31 09:25:20.605597833 -0400
@@ -112,7 +112,7 @@ x917_prng_get_octet_string(uint8_t *dest
v128_copy(&buffer, &x917_prng.state);
/* apply aes to buffer */
- aes_encrypt(&buffer, &x917_prng.key);
+ srtp_aes_encrypt(&buffer, &x917_prng.key);
/* write data to output */
*dest++ = buffer.v8[0];
@@ -136,7 +136,7 @@ x917_prng_get_octet_string(uint8_t *dest
buffer.v32[0] ^= t;
/* encrypt buffer */
- aes_encrypt(&buffer, &x917_prng.key);
+ srtp_aes_encrypt(&buffer, &x917_prng.key);
/* copy buffer into state */
v128_copy(&x917_prng.state, &buffer);
@@ -154,7 +154,7 @@ x917_prng_get_octet_string(uint8_t *dest
v128_copy(&buffer, &x917_prng.state);
/* apply aes to buffer */
- aes_encrypt(&buffer, &x917_prng.key);
+ srtp_aes_encrypt(&buffer, &x917_prng.key);
/* write data to output */
for (i=0; i < tail_len; i++) {
@@ -167,7 +167,7 @@ x917_prng_get_octet_string(uint8_t *dest
buffer.v32[0] ^= t;
/* encrypt buffer */
- aes_encrypt(&buffer, &x917_prng.key);
+ srtp_aes_encrypt(&buffer, &x917_prng.key);
/* copy buffer into state */
v128_copy(&x917_prng.state, &buffer);
diff -rup a/crypto/test/aes_calc.c b/crypto/test/aes_calc.c
--- a/crypto/test/aes_calc.c 2014-10-13 10:35:33.000000000 -0400
+++ b/crypto/test/aes_calc.c 2014-10-31 09:25:20.605597833 -0400
@@ -109,7 +109,7 @@ main (int argc, char *argv[]) {
exit(1);
}
- aes_encrypt(&data, &exp_key);
+ srtp_aes_encrypt(&data, &exp_key);
/* write ciphertext to output */
if (verbose) {
diff -rup a/tables/aes_tables.c b/tables/aes_tables.c
--- a/tables/aes_tables.c 2014-10-13 10:35:33.000000000 -0400
+++ b/tables/aes_tables.c 2014-10-31 09:25:20.605597833 -0400
@@ -298,7 +298,7 @@ main(void) {
#if AES_INVERSE_TEST
/*
- * test that aes_encrypt and aes_decrypt are actually
+ * test that srtp_aes_encrypt and aes_decrypt are actually
* inverses of each other
*/
@@ -335,7 +335,7 @@ aes_test_inverse(void) {
v128_copy_octet_string(&x, plaintext);
aes_expand_encryption_key(k, expanded_key);
aes_expand_decryption_key(k, decrypt_key);
- aes_encrypt(&x, expanded_key);
+ srtp_aes_encrypt(&x, expanded_key);
aes_decrypt(&x, decrypt_key);
/* compare to expected value then report */

188
libsrtp.spec Normal file
View File

@ -0,0 +1,188 @@
%global shortname srtp
Name: libsrtp
Version: 2.3.0
Release: 4%{?dist}
Summary: An implementation of the Secure Real-time Transport Protocol (SRTP)
License: BSD
URL: https://github.com/cisco/libsrtp
Source0: https://github.com/cisco/libsrtp/archive/v%{version}.tar.gz
BuildRequires: gcc, nss-devel, libpcap-devel
# Fix shared lib so ldconfig doesn't complain
Patch0: libsrtp-2.3.0-shared-fix.patch
# Fix namespace issue in test/util.c
Patch1: libsrtp-2.3.0-test-util.patch
# Link test binaries against shared lib
Patch2: libsrtp-2.3.0-shared-test-fix.patch
%description
This package provides an implementation of the Secure Real-time
Transport Protocol (SRTP), the Universal Security Transform (UST), and
a supporting cryptographic kernel.
%package devel
Summary: Development files for %{name}
Requires: %{name}%{?_isa} = %{version}-%{release}
Requires: pkgconfig
%description devel
The %{name}-devel package contains libraries and header files for
developing applications that use %{name}.
%package tools
Summary: Tools for testing and decoding SRTP
Requires: %{name}%{?_isa} = %{version}-%{release}
%description tools
Tools for testing and decoding SRTP
%prep
%setup -q -n %{name}-%{version}
%patch0 -p1 -b .sharedfix
%patch1 -p1 -b .utilfix
%patch2 -p1 -b .test-shared-fix
%if 0%{?rhel} > 0
%ifarch ppc64
sed -i 's/-z noexecstack//' Makefile.in
%endif
%endif
%build
export CFLAGS="%{optflags} -fPIC"
%configure --enable-nss
make %{?_smp_mflags} shared_library test
%install
make install DESTDIR=%{buildroot}
find %{buildroot} -name '*.la' -exec rm -f {} ';'
find %{buildroot} -name '*.a' -exec rm -f {} ';'
install -D -p -m 0755 test/dtls_srtp_driver %{buildroot}%{_bindir}/dtls_srtp_driver
install -D -p -m 0755 test/rdbx_driver %{buildroot}%{_bindir}/rdbx_driver
install -D -p -m 0755 test/replay_driver %{buildroot}%{_bindir}/replay_driver
install -D -p -m 0755 test/roc_driver %{buildroot}%{_bindir}/roc_driver
install -D -p -m 0755 test/rtp_decoder %{buildroot}%{_bindir}/rtp_decoder
install -D -p -m 0755 test/rtpw %{buildroot}%{_bindir}/rtpw
install -D -p -m 0755 test/srtp_driver %{buildroot}%{_bindir}/srtp_driver
install -D -p -m 0755 test/test_srtp %{buildroot}%{_bindir}/test_srtp
%ldconfig_scriptlets
%files
%license LICENSE
%doc CHANGES README.md
%{_libdir}/*.so.*
%files devel
%{_includedir}/%{shortname}2/
%{_libdir}/pkgconfig/libsrtp2.pc
%{_libdir}/*.so
%files tools
%{_bindir}/*
%changelog
* Mon Oct 12 2020 Tom Callaway <spot@fedoraproject.org> - 2.3.0-4
- add -tools subpackage (thanks to Gerd v. Egidy)
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Tue Jan 7 2020 Tom Callaway <spot@fedoraproject.org> - 2.3.0-1
- update to 2.3.0
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.4-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.4-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Mon Jul 23 2018 Tom Callaway <spot@fedoraproject.org> - 1.5.4-9
- add BuildRequires: gcc
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.4-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.4-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.4-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.4-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.4-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Wed Mar 2 2016 Tom Callaway <spot@fedoraproject.org> - 1.5.4-3
- use upstream provided .pc file (bz1313590)
* Fri Feb 12 2016 Tom Callaway <spot@fedoraproject.org> - 1.5.4-2
- fix shared lib generation to silence ldconfig
* Thu Feb 11 2016 Tom Callaway <spot@fedoraproject.org> - 1.5.4-1
- update to 1.5.4
- fix MIPS name collision (bz1305950 ) Thanks to Michal Toman
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.5.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Fri Nov 14 2014 Tom Callaway <spot@fedoraproject.org> - 1.5.0-2
- fix library linking typo
* Fri Nov 14 2014 Tom Callaway <spot@fedoraproject.org>
- api changes between 1.4.4 and 1.5.0, bump sover to 1.0.0
- fix linking issue to make proper libsrtp.so.1
* Fri Oct 31 2014 Leif Madsen <leif@leifmadsen.com> - 1.5.0-1
- Update for 1.5.0 release.
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.4-13.20101004cvs
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.4-12.20101004cvs
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Thu May 15 2014 Dennis Gilmore <dennis@ausil.us> - 1.4.4-11.20101004cvs
- update the config.h header aarch64 is a 64 bit arch though there is no multilib
* Mon Feb 10 2014 Tom Callaway <spot@fedoraproject.org> - 1.4.4-10.20101004cvs
- rename internal functions to avoid conflicts (bz 956340)
* Mon Dec 30 2013 Tom Callaway <spot@fedoraproject.org> - 1.4.4-9.20101004cvs
- apply fix for CVE-2013-2139 from https://github.com/cisco/libsrtp/pull/27
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.4-8.20101004cvs
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.4-7.20101004cvs
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Tue Sep 25 2012 Karsten Hopp <karsten@redhat.com> 1.4.4-6.20101004cvs
- use __PPC64__, not __ppc64__ which is undefined on PPC64 arch
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.4-5.20101004cvs
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Tue Feb 21 2012 Tom Callaway <spot@fedoraproject.org> - 1.4.4-4.20101004cvs
- handle config.h multilib (bz787537)
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.4-3.20101004cvs
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.4-2.20101004cvs
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Tue Jan 25 2011 Jeffrey C. Ollie <jeff@ocjtech.us>
- Don't use '-z noexecstack' option for linker on PPC64 (EL6)
* Mon Oct 4 2010 Tom "spot" Callaway <tcallawa@redhat.com> - 1.4.4-1.20101004cvs
- initial package

1
sources Normal file
View File

@ -0,0 +1 @@
SHA512 (v2.3.0.tar.gz) = 34b1a01cb9a75aed175be09aadd2827224203b9801becc3fbc5214667cce79c3b87b0f59e4315583863ab5a2cc4fc81d56ab604a5e4c984518b8a8a2a7b77461